错误集成Bitbucket管道与SonarCloud

Question

ALM使用Bitbucket云

基于Bitbucket云的CI系统

存储库的语言:角(用于JS、TS、Go、Python、PHP、…)

Error observed
ERROR: Error during SonarScanner execution

ERROR: Not authorized. Please check the property sonar.login or SONAR_TOKEN env variable

复制步骤

SONAR_TOKEN already generated and added to my ENV_VAR

Bitbucket.yaml

image: ‘node:12.22’
clone:
depth: full # SonarCloud scanner needs the full history to assign issues properly

definitions:
caches:
sonar: ~/.sonar/cache # Caching SonarCloud artifacts will speed up your build
steps:

step: &build-test-sonarcloud
name: Build, test and analyze on SonarCloud
caches:
- sonar
script:
- pipe: sonarsource/sonarcloud-scan:1.2.1
variables:
EXTRA_ARGS: ‘-Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${SONAR_TOKEN}’

step: &check-quality-gate-sonarcloud
name: Check the Quality Gate on SonarCloud
script:
- pipe: sonarsource/sonarcloud-quality-gate:0.1.4

pipelines:
branches

• 潜在的解决办法--不知道。

Answer 1

如果您已经将声纳云应用程序安装到您的工作区环境中，则不需要再次提供声纳url。集成过程是处理URL部分。另外，您应该将Sonar令牌变量添加到Workspace或回购环境中。之后，您应该登录到SonarCloud组织帐户，并将您的回购绑定到SonarCloud，以便能够通过SonarCloud对其进行评估。这是我的声纳云装置；

bitbucket-管道文件，

image:
  name: <base image>

clone:
  # SonarCloud scanner needs the full history to assign issues properly
  depth: full

definitions:
  caches:
    # Caching SonarCloud artifacts will speed up your build
    sonar: ~/.sonar/cache

pipelines:
  pull-requests:
    '**':
      - step:
          name: "Code Quality and Security on PR"
          script:
            - pipe: sonarsource/sonarcloud-scan:1.2.1
              variables:
                SONAR_TOKEN: '$SONAR_CLOUD_TOKEN'
                SONAR_SCANNER_OPTS: -Xmx512m
                DEBUG: "true"
  branches:
    master:
      - step:
          name: "Code Quality and Security on master"
          script:
            - pipe: sonarsource/sonarcloud-scan:1.2.1
              variables:
                SONAR_TOKEN: '$SONAR_CLOUD_TOKEN'
                SONAR_SCANNER_OPTS: -Xmx512m
                DEBUG: "true"
  tags:
    '*.*.*-beta*':
      - step:
          name: "Image Build & Push"
          services:
            - docker
          caches:
            - docker
          clone:
            depth: 1
          script:
            - <build script>       
      - step:
          name: "Deploy"
          deployment: beta
          clone:
            enabled: false
          script:
            - <deploy script>
    '*.*.*-prod':
      - step:
          name: "Image Build & Push"
          services:
            - docker
          caches:
            - docker
          clone:
            depth: 1
          script:
            - <build script>       
      - step:
          name: "Deploy"
          deployment: prod
          clone:
            enabled: false
          script:
            - <deploy script>

声纳-Project.properties文件，

sonar.organization=<sonar cloud organization name> 

sonar.projectKey=<project key>
sonar.projectName=<project name>

sonar.sources=<sonar evaluation path>
sonar.language=<repo language>
sonar.sourceEncoding=UTF-8